How to Set Up an X.500 Environment in Sun ONE Directory
X.500 is the large, original directory standard. If we use Sun ONE Directory to simulate X.500, we may run into some problems, especially when we import an X.500 schema into Sun ONE. In this article I will explain how to solve those problems.
You should know that in Sun ONE Directory we can't add many instance servers, so after adding a new server called x500, we should stop the default x500 server.
When you open the Sun ONE Directory install folder, you'll find that the system has added a new folder called “slapd-x500”. Go into this folder. What we need to do now is modify the server’s schema file to add custom objectclasses and attributes. Go into config/schema/ and you will see many schema files in this folder. Find the file called “99user.ldif”: the new schema data we add should be copied into this file, and then the x500 instance server should be restarted.
Before you add content to “99user.ldif”, it already contains some content, as follows:
dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subschema
cn: schema
aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymo
 us, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";)
aci: (targetattr = "*")(version 3.0; acl "Configuration Administrator"; allow
 (all) userdn = "ldap:///uid=admin,ou=Administrators, ou=TopologyManagement,
 o=NetscapeRoot";)
aci: (targetattr = "*")(version 3.0; acl "Local Directory Administrators Group
 "; allow (all) groupdn = "ldap:///cn=Directory Administrators, dc=root";)
aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all)groupdn = "ld
 ap:///cn=slapd-x500, cn=Sun ONE Directory Server, cn=Server Group, cn=bd.com
 , ou=bd.com, o=NetscapeRoot";)
modifiersName: cn=directory manager
modifyTimestamp: 20090728014854Z
Our custom schema is simply added at the end of it, such as:
attributeTypes=( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} X-INVERSIONS ( 'type' 'value' ) X-RIGHTS ( 'compare' 'read' 'update' ) X-MATCHES ( 'presence' 'equality' ) X-PART 'user' X-CHECK 'prs' X-LOWERBOUND '1' X-FORM 'cisp' )
When you start the x500 server, an error occurs: ”uid” already exists, or the OID is already used by another attribute. In that case, just delete this attributeTypes entry.
When you add the following content:
attributeTypes=( 0.9.2342.19200300.100.1.40 NAME ( 'pti' 'personalTitle' ) EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} SINGLE-VALUE X-RIGHTS ( 'compare' 'read' 'update' ) X-MATCHES 'equality' X-PART 'user' X-CHECK 't61prs' X-LOWERBOUND '1' X-FORM 'cist' )
the error is that “pti” is already used by another attribute, but when you search for ‘pti’ in “00core.ldif”, you can’t find it. How do you deal with this? Go back to your new schema file, where you can see ( 'pti' 'personalTitle' ): ’pti’ is an alias of 'personalTitle'. Then open “00core.ldif”, search for 'personalTitle', and add the alias to it.
The above are the main problems. Other syntax problems are as follows:
“attributeTypes=( “ => “attributeTypes: ( “
Those are the main problems you will meet. After fixing them, you can start the X500 Directory in Sun ONE Directory.
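The three fixes described above (delete a definition whose name or OID already exists, add a missing alias to the existing definition, and rewrite “attributeTypes=(” as “attributeTypes: (”) can be checked before the server is restarted. The following Python script is an added example, not part of the original article or of Sun ONE Directory; the EXISTING lines are a constructed stand-in for 00core.ldif, and 'exampleAttr' with its OID is hypothetical.

```python
import re

# Accepts the X.500-export form "attributeTypes=( ..." and the LDIF form "attributeTypes: ( ..."
ATTR_RE = re.compile(
    r"^attributeTypes\s*[=:]\s*\(\s*([\d.]+)\s+NAME\s+(\([^)]*\)|'[^']+')", re.I)

def parse_attr(line):
    """Return (oid, [names]) for an attributeTypes line, or None for any other line."""
    m = ATTR_RE.match(line.strip())
    return (m.group(1), re.findall(r"'([^']+)'", m.group(2))) if m else None

def to_ldif(line):
    """Rewrite 'attributeTypes=(' as the LDIF form 'attributeTypes: ('."""
    return re.sub(r"^attributeTypes\s*=\s*\(", "attributeTypes: (", line.strip())

def plan_import(custom_lines, existing_lines):
    """Return (oid, action, detail) for each custom attributeTypes line."""
    existing = [p for p in map(parse_attr, existing_lines) if p]
    plan = []
    for line in custom_lines:
        parsed = parse_attr(line)
        if not parsed:
            continue
        oid, names = parsed
        wanted = {n.lower() for n in names}   # attribute names are case-insensitive
        known = set()
        for e_oid, e_names in existing:
            e_lower = {n.lower() for n in e_names}
            if e_oid == oid or e_lower & wanted:
                known |= e_lower              # clash on OID or on at least one name
        missing = [n for n in names if n.lower() not in known]
        if not known:                         # no clash: append to 99user.ldif
            plan.append((oid, "add", to_ldif(line)))
        elif missing:                         # the 'pti' case: add alias to existing definition
            plan.append((oid, "add-alias", missing))
        else:                                 # the 'uid' case: delete the custom definition
            plan.append((oid, "delete", None))
    return plan

# Constructed stand-in for definitions already present in 00core.ldif
EXISTING = [
    "attributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
    "attributeTypes: ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )"]
# Two attributes from the article (X- extensions trimmed) plus one hypothetical new attribute
CUSTOM = [
    "attributeTypes=( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )",
    "attributeTypes=( 0.9.2342.19200300.100.1.40 NAME ( 'pti' 'personalTitle' ) EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} SINGLE-VALUE )",
    "attributeTypes=( 1.3.6.1.4.1.99999.1.1 NAME 'exampleAttr' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )"]
```

Calling plan_import(CUSTOM, EXISTING) returns one tuple per custom attribute, in order, so the result can be reviewed before any schema file is edited.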
The following table lists the schema files you will use:
Schema File Name | Purpose |
00core.ldif | Recommended core schema from the X.500 and LDAP standards (RFCs), and schema used by the Directory Server itself. It includes the commonly used objectclasses, such as Person and Organization. |
99user.ldif | Customer modifications to the schema. |